// SPDX-License-Identifier: MPL-2.0
// (c) Hare authors <https://harelang.org>

use bytes;
use crypto::random;

@test fn sample() void = {
	let seed: [32]u8 = [0xff...];
	let priv: key = [0...];
	priv[31] = 0xbf;

	newkey(&priv, &seed);

	let pub: key = [0...];
	pubkey(&pub, &priv);

	const pexpected: key = [
		0x84, 0x7c, 0x0d, 0x2c, 0x37, 0x52, 0x34, 0xf3, 0x65, 0xe6,
		0x60, 0x95, 0x51, 0x87, 0xa3, 0x73, 0x5a, 0x0f, 0x76, 0x13,
		0xd1, 0x60, 0x9d, 0x3a, 0x6a, 0x4d, 0x8c, 0x53, 0xae, 0xaa,
		0x5a, 0x22,
	];

	assert(bytes::equal(pexpected, pub));

	const otherpub: key = [
		0x28, 0x18, 0x84, 0xe0, 0x0f, 0xae, 0x8a, 0x33, 0x75, 0x05,
		0xbf, 0x38, 0x15, 0x2a, 0x97, 0xc0, 0x20, 0x4a, 0x8c, 0x1d,
		0x4c, 0xfa, 0x2d, 0x2b, 0x12, 0x99, 0x80, 0xed, 0xe7, 0x32,
		0xaf, 0x0d,
	];

	const expected: key = [
		0x07, 0x4a, 0xaf, 0x3c, 0xa3, 0x87, 0xd5, 0xa3, 0x71, 0x25,
		0x9f, 0x50, 0xb3, 0xf0, 0xa1, 0xe9, 0x63, 0x6b, 0x18, 0x1d,
		0x5e, 0x4e, 0x6e, 0xb3, 0x1a, 0xe9, 0xda, 0x01, 0x05, 0x4a,
		0x8c, 0x3b,
	];

	let shared: key = [0...];

	derive(&shared, &priv, &otherpub);
	assert(bytes::equal(expected, shared));
};

@test fn random() void = {
	let seed: [32]u8 = [0...];
	let priv1: key = [0...];
	let priv2: key = [0...];
	let pub1: key = [0...];
	let pub2: key = [0...];
	let shared1: key = [0...];
	let shared2: key = [0...];

	random::buffer(seed);
	newkey(&priv1, &seed);

	random::buffer(seed);
	newkey(&priv2, &seed);

	pubkey(&pub1, &priv1);
	pubkey(&pub2, &priv2);

	derive(&shared1, &priv1, &pub2);
	derive(&shared2, &priv2, &pub1);

	assert(bytes::equal(&shared1, &shared2));
};
